[SOLVED] SSL certificates and IP Board (unsupported version)

[rct2·com]

I'm part way through:

1. a server move,
2. adding certificates to the moved sites
3. renewing Invision licenses if they have expired
4. and upgrading Ip.Board to supported versions

Progress:

1. Server move is complete
2. Adding SSL certificate to a site running v3.4.6 with expired license is complete
3. Adding SSL certificate to a site running 3.4.8 with an unexpired license, the site refuses to validate any IP.Board logins. Removing the certificate and reverting back to http:// all works again.

Possible causes:

1. Is this because at the Invision back end, for the unexpired license, I have to tell Invision that the board URL has changed from http://foo.com to https://foo.com 
2. Or perhaps that v3.4.8 is incompatible with SSL but v3.4.6 is not
3. Or that there's an AdminCP setting related to certificates that I've missed?
4. Or something else?

[Steph40]

Definitely number one

Ips license consider http://foo.com and https://foo.com as two different site so license won’t work.

[Rhett]

On the 3.x site not working after changing to https, ensure you don't have a cookie domain set, if you do try removing that and save, then try again. 

[rct2·com]

13 minutes ago, Rhett said:

On the 3.x site not working after changing to https, ensure you don't have a cookie domain set, if you do try removing that and save, then try again. 

Thanks Rhett. One 3.x site  does work with https (the unlicensed one) and one does not though.

Both have cookie domains in AdminCP

The one that works also has a cookie prefix. Relevant?

3 hours ago, Steph40 said:

Definitely number one

Ips license consider http://foo.com and https://foo.com as two different site so license won’t work.

Not sure what you mean by the 'license won't work'. I could check licenses after SSL cert install, because I could not login. 🙂

[Rhett]

"try removing that and save, then try again. "

Also check your htaccess file for anything related to https, ensure you are not trying to force https outside of the conf_global.php file. 

[rct2·com]

4 minutes ago, Rhett said:

"try removing that and save, then try again. "

Yeah, I get that. But all I'm saying is that both boards have a cookie domain, and one wrked but the other did not. I'll try it next time the board is quiet.

4 minutes ago, Rhett said:

Also check your htaccess file for anything related to https, ensure you are not trying to force https outside of the conf_global.php file. 

I should have mentioned that I'd already checked that .htaccess wasn't in play. It's not. 🙂

[bfarber]

Just to be clear, whether the URL on your license is correct or not would not impact the local behavior you see on your site - it's not like your site calls out to our servers on every page load, or to process logins, or anything like that.

On the site that isn't working:

• Make sure there are no http to https redirects (or vice-versa) or anything like that. This very commonly breaks logins when people try to enable https.
• Make sure you don't have the "Require https for logging in" setting enabled (I can't remember what it's called or where it's found in 3.x at this point unfortunately).
• Are you using any third party login handlers, or just the normal local login functionality? If you are trying to use Facebook, for instance, you would need to adjust the callback URL in your Facebook developer center from http to https after making the change.
• Are you able to login to the AdminCP after making the change? i.e. is it just the front end logins failing?

[newbie LAC]

1. Make changes in conf_global.php

2. Enable Use https for logins in ACP

3. If you are using a non-standard SSL port (not 443) add in constants.php

define( 'SSL_PORT', PORT_NUMBER );

 

[rct2·com]

Thank you everybody who offered help. Amending the conf_global.php to board_url setting to https: fixed it.

Still don't understand why that was needed on one board but not another, but moving forwards again.